General Electric Probes Allegations of Data Theft and Cyberattack

General Electric (GE) is currently probing allegations of a cybersecurity breach in its development environment, following claims by a hacker about gaining unauthorized access and obtaining sensitive data.

GE, a renowned multinational conglomerate operating in sectors like power generation, renewable energy, and aviation, faces potential exposure due to this alleged breach.

This month, a cybercriminal using the moniker IntelBroker advertised the sale of what they claimed was access to GE's development and software pipelines. The access was initially offered for $500 on a hacking forum, but there were no takers.

Subsequently, IntelBroker escalated the stakes by announcing the sale of both the purported network access and the supposedly stolen data. In a forum post, the hacker claimed, "I am now selling the entire thing here separately, including access (SSH, SVN etc)."

The alleged stolen data is said to include highly sensitive military information related to DARPA, as well as a variety of files, SQL databases, and documents.

GE's response to this situation and the verification of these claims are currently underway.

The hacker known as IntelBroker has shared screenshots purporting to show data stolen from General Electric (GE), including a database from GE Aviation with details on military projects. This evidence was presented in support of claims of a breach at GE.

GE has acknowledged these claims and is currently conducting an investigation into the alleged data leak. "We are aware of claims made by a bad actor regarding GE data and are investigating these claims. We will take appropriate measures to help protect the integrity of our systems," a GE spokesperson stated to BleepingComputer.

Although the breach is not yet confirmed, IntelBroker has a history of high-profile cyberattacks. Notably, the hacker was responsible for a breach of the Weee! grocery service, and notably, the theft of sensitive personal data from D.C. Health Link, a healthcare marketplace serving Washington, D.C., including White House and House staffers and their families.

In March, IntelBroker claimed to have sold a stolen database from the D.C. Health Link breach containing the personal information of thousands of individuals. This incident garnered significant media attention and prompted a congressional hearing to investigate the breach's circumstances.

During the hearing, Mila Kofman, the Executive Director of the District of Columbia Health Benefit Exchange Authority, revealed that the exposed data resulted from a server misconfiguration, making it accessible online.